I want to limit an q.Get(q.Match(q.Index("index"... to only return docs with owner reference User

I have the following authenticated query with a token from logging in a user.


I have the following corresponding index (that is reversed)

It matches the following docs and looks like this in the dashboard

I have tried the following predicate function, but It gives me a permissions error. It is referencing the terms, but am not sure how to select data.owner from the terms such that the user is returned and matches the Identity() in the function so that it returns true and allows me to only read the docs of the authed user with this Index.

("terms", Equals(Var("terms"), [Identity()]))

Hope someone can help with this. Thanks ahead of time

Update: I have tried the following but it doesnt event return the ref to the current user not sure why it should.

 const test = await authClient(token).query(
      q.Get(q.Match(q.Index("item_number_reversed_owner"), q.CurrentIdentity()))

Heres the raw request


I guess if I just remove the predicate function, there is no way for the user to pass a different identity becasue it is run on the server side, so I don’t need to check if they are the user in the predicate. Is this safe, because it will work then and it separates my index by the user like I want it to.

If your index has terms defined, the Dashboard would be unable to show matching entries unless the terms were specified. So I think there might be a problem with your index definition.

Can you show me the result of this query (run it on the Shell screen in the Dashboard):


Secondly, CurrentIdentity can only return a value when a token is used for authentication. The secret for a key would result in the error:

  errors: [
      position: [],
      code: 'missing identity',
      description: 'Authentication does not contain an identity'

Do you need to use a Role? Roles are for granting permissions, not for filtering data.

well isn’t the role attached to my User by membership and that is what gives access to the faunaDB index, I just gave it read permissions, and am checking by currentIdenitty in the terms, and it is functioning as I like now.

But from my prespective I think this is resolved now. Let me know if I am missing something. thanks

Typing that into the shell gives me

  ref: Index("item_number_reversed_owner"),
  ts: 1615837816910000,
  active: true,
  serialized: true,
  name: "item_number_reversed_owner",
  source: Collection("Decor"),
  terms: [
      field: ["data", "owner"]
  values: [
      field: ["data", "itemNum"],
      reverse: true
      field: ["data", "owner"],
      reverse: true
  partitions: 1